Skip to content

Commit 2071061

Browse files
authored
Python: Fix "use set literal" warnings
1 parent 821de63 commit 2071061

File tree

2 files changed

+19
-49
lines changed

2 files changed

+19
-49
lines changed

python/ql/lib/semmle/python/security/strings/External.qll

Lines changed: 12 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -79,18 +79,12 @@ deprecated class ExternalUrlSplitResult extends ExternalStringSequenceKind {
7979
override TaintKind getTaintOfAttribute(string name) {
8080
result = super.getTaintOfAttribute(name)
8181
or
82-
(
83-
// namedtuple field names
84-
name = "scheme" or
85-
name = "netloc" or
86-
name = "path" or
87-
name = "query" or
88-
name = "fragment" or
89-
// class methods
90-
name = "username" or
91-
name = "password" or
92-
name = "hostname"
93-
) and
82+
name in [
83+
// namedtuple field names
84+
"scheme", "netloc", "path", "query", "fragment",
85+
// class methods
86+
"password", "username", "hostname",
87+
] and
9488
result instanceof ExternalStringKind
9589
}
9690

@@ -108,19 +102,12 @@ deprecated class ExternalUrlParseResult extends ExternalStringSequenceKind {
108102
override TaintKind getTaintOfAttribute(string name) {
109103
result = super.getTaintOfAttribute(name)
110104
or
111-
(
112-
// namedtuple field names
113-
name = "scheme" or
114-
name = "netloc" or
115-
name = "path" or
116-
name = "params" or
117-
name = "query" or
118-
name = "fragment" or
119-
// class methods
120-
name = "username" or
121-
name = "password" or
122-
name = "hostname"
123-
) and
105+
name in [
106+
// namedtuple field names
107+
"scheme", "netloc", "path", "params", "query", "fragment",
108+
// class methods
109+
"username", "password", "hostname",
110+
] and
124111
result instanceof ExternalStringKind
125112
}
126113

python/ql/src/Variables/ShadowBuiltin.ql

Lines changed: 7 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -17,30 +17,13 @@ import Shadowing
1717
import semmle.python.types.Builtins
1818

1919
predicate allow_list(string name) {
20-
/* These are rarely used and thus unlikely to be confusing */
21-
name = "iter" or
22-
name = "next" or
23-
name = "input" or
24-
name = "file" or
25-
name = "apply" or
26-
name = "slice" or
27-
name = "buffer" or
28-
name = "coerce" or
29-
name = "intern" or
30-
name = "exit" or
31-
name = "quit" or
32-
name = "license" or
33-
/* These are short and/or hard to avoid */
34-
name = "dir" or
35-
name = "id" or
36-
name = "max" or
37-
name = "min" or
38-
name = "sum" or
39-
name = "cmp" or
40-
name = "chr" or
41-
name = "ord" or
42-
name = "bytes" or
43-
name = "_"
20+
name in [
21+
/* These are rarely used and thus unlikely to be confusing */
22+
"iter", "next", "input", "file", "apply", "slice", "buffer", "coerce", "intern", "exit",
23+
"quit", "license",
24+
/* These are short and/or hard to avoid */
25+
"dir", "id", "max", "min", "sum", "cmp", "chr", "ord", "bytes", "_",
26+
]
4427
}
4528

4629
predicate shadows(Name d, string name, Function scope, int line) {

0 commit comments

Comments
 (0)